UK firms fail to measure up security

News

UK firms fail to measure up security

UK companies' inability to measure security risks accurately makes them vulnerable to attack, suggests new research.

Security risk is the number one priority for UK firms, finds the research from security firm nCircle. Yet, 66% of the 1,800 UK and US IT and security directors interviewed have no way of measuring whether their security risks are growing or shrinking.

You can't protect what you can't measure, warns nCircle.

"If they are unable to measure the scale of their exposure and its impact, they have no chance of meeting the security challenge effectively, and will remain hostage to hackers, Trojans, viruses and other malware," says Elizabeth Ireland, vice president of marketing at nCircle.

Some 69% could not assess their network vulnerability or study risk data by breaking it down into region, business unit or other criteria. Compliance issues continue to browbeat IT experts, with 55% of the sample unable to manage the process, and 63% taking three months to compile compliance reports.

These findings are mirrored in an Economist Intelligence Unit (EIU) study, 'Staying Ahead of the Technology Curve', which finds that half of UK companies do not regularly monitor security threats such as phishing. Only 40% regularly briefed the board on technology threats.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.
 

COMMENTS powered by Disqus  //  Commenting policy